Conference Description:

Overview: One of the major requirements of the health care organization to be HIPAA compliant is to develop and implement a set of HIPAA privacy and security policies and procedures. This can be a daunting task for those not knowing where to start and what a set of HIPAA privacy and security policies and procedures should look like. For the cost conscious health care organization, the HIPAA policies and procedures can have multiple uses: first, they can become a basis for training the health care organization workforce second, they can be used as a basis for conducting a HIPAA self-assessment and third, they can be used to demonstrate due diligence should there be a breach or an external HIPAA compliance audit.

In today's world it is not necessary that the health care organization spend significant funds to develop a set of HIPAA privacy and security policies and procedures from scratch. The health care organization can likely find templates on the internet that can be used as a starting point to customize HIPAA policies and procedures to be unique for the health care organization.

The preparation of a well-documented set of HIPAA policies and procedures needs to be addressed through the development of Privacy and Security policies and procedures that address each of the requirements shown in the HIPAA regulations as amended by the HITECH law and the final Omnibus Regulations. The process of developing the HIPAA privacy and security policies and procedures also provides a reference for the health care organization how to consider the security addressable and required regulation requirements.

Why should you Attend: There are three situations where having a set of HIPAA policies and procedures are needed:

First, the policies and procedures become a good reference to ensure that all areas are addressed for becoming HIPAA compliant.

Second, the HIPAA regulations REQUIRE covered entities and business associates to have a set of policies and procedures directing the workforce to perform their tasks in a controlled environment.Having a set of policies and procedures is positive evidence of the health care organization exercising due diligence.

Third, if there is a breach, the health care organization needs to demonstrate that it has proactively implemented a comprehensive set of HIPAA policies and procedures to keep any penalties to a minimum

Areas Covered in the Session:

What is a comprehensive set of HIPAA policy and procedures and why you need themWhat to look for in a set of HIPAA policy and procedures templates on the internetHow to customize the set of HIPAA policies and procedures for the health care organizationHow to train the health care organization workforce in using the HIPAA policies and proceduresHow to use the HIPAA policies and procedures to perform a HIPAA assessment

Speaker Profile Jim Wener has over 40 years of experience in assisting health care organizations – both providers and payers- in identifying their automation requirements and helping these organizations select and successfully implement the automation most applicable for their needs. His systems and processes background and his experience in working with health care data has given Mr. Wener a unique perspective regarding the issues related to implementing new health care models and how they affect all of the stakeholders in the health care system.

In working with health care organizations he has developed processes and procedures related to improving the provision of health care services, measuring the outcomes of those services and the addressing the impact of these factors on the reimbursement models. He has lead the effort for developing an ACO to serve Medicaid and Medicare beneficiaries and has presented this course as a reference for participants at a recent Healthcare Financial Management Association National Conference.